Warning: Microsoft Patch Tuesday June 2022 patches 55 vulnerabilities (3 critical, 52 important)
Microsoft patched 55 CVEs in its June 2022 Patch Tuesday release, 3 rated as critical and 52 rated as important.
Number of CVE's per type
- Remote Code Execution: 27
- Elevation of Privileges: 12
- Denial of Service: 3
- Spoofing: 1
- Information Disclosure: 11
- Security Feature Bypass: 1
Remark: MS Patch Tuesday contains a patch for CVE-2022-30190 (A.K.A) Follina. Threat actors are actively exploiting Follina.
This month’s Patch Tuesday includes 3 critical and 53 important vulnerabilities for a wide range of Microsoft products, impacting Microsoft Server and Workstations.
Remark: The Patch tuesday contains a patch for CVE-2022-30190 (A.K.A) Follina. Threat actors are actively exploiting Follina targeting organisation inluding US & EU government agencies.
The CCB recommends installing the updates to be fully protected from the vulnerability.
CVE-2022-30190 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution
This vulnerability would allow a remote unauthenticated attacker to execute arbitrary code with the privileges of the current user. An attacker can chain other exploits to gain higher privileges. The attack can be successful without opening the malicious file. Previewing the file is sufficient.
This vulnerability is actively exploited in the wild with malware varying from Ransomware, Banking Trojans and Backdoors.
The CCB recommends to prioritise testing and to deploy this fix with high priority to be fully protected from the vulnerability.
CVE-2022-30136 - Windows Network File System Remote Code Execution Vulnerability
This vulnerability could allow a remote attacker to execute privileged code on affected systems running NFS. Organisations running NFS should prioritize testing and deploying this fix.
CVE-2022-24436 - Hertzbleed
Hertzbleed is a type of side-channel attack that takes advantage of dynamic frequency scaling affecting a variety of CPU's including Intel CPU's and AMD's desktop, mobile and server chips.
A successful attack can allow an attacker to extract cryptographic keys from remote servers.
CVE-2022-30147 - Windows Installer elevation of privilege vulnerability
Microsoft marked this bug as more likely to be exploited. This type of vulnerability is often leveraged during a cyber attack.
CVE-2022-30148 - Windows Desired State Configuration (DSC) Information Disclosure
An attacker could use this to recover plaintext passwords and usernames from log files. Attackers can leverage this vulnerability to move laterally within a network.
Organisations using DSC, should prioritize testing and deploying this fix.
The CCB recommends installing updates for vulnerable devices with the highest priority, after thorough testing.